Cisco Network Time Protocol (NTP)

NTP (Network Time Protocol) is used to allow network devices to synchronize their clocks with a central source clock. For network devices like routers, switches or firewalls this is very important because we want to make sure that logging information and timestamps have the accurate time and date. If you ever have network issues or get hacked, you want to make sure you know exactly what and when it happened.

Normally a router or switch will run in NTP client mode, which means that it will adjust its clock based on the time of an NTP server. Basically, the NTP protocol describes the algorithm that NTP clients use to synchronize their clocks with the NTP server and the packets that are exchanged between them.

A good example of an NTP server is pool.ntp.org. This is a cluster of NTP servers that many servers and network devices use to synchronize their clocks.

NTP uses a concept called “stratum” that defines how many NTP hops away a device is from an authoritative time source. For example, a device with stratum 1 is a very accurate device and might have an atomic clock attached to it. Another NTP server that is using this stratum 1 server to sync its own time would be a stratum 2 device because it’s one NTP hop further away from the source. When you configure multiple NTP servers, the client will prefer the NTP server with the lowest stratum value.

Cisco routers and switches can use 3 different NTP modes:

NTP client mode.

NTP server mode.

NTP symmetric active mode.

The symmetric active mode is used between NTP devices to synchronize with each other; it’s used as a backup mechanism when they are unable to reach the (external) NTP server.

In the remainder of this tutorial I will demonstrate how to configure NTP on a Cisco router and switches.

Configuration

This is the topology I will use:

The router on the top is called “CoreRouter” and it’s the edge of my network. It is connected to the Internet and will use one of the NTP servers from pool.ntp.org to synchronize its clock. The network also has two internal switches that require synchronized clocks. Both switches will become NTP clients of the CoreRouter, thus making the CoreRouter an NTP server.

Router configuration

First we will configure the CoreRouter on top. I will use pool.ntp.org as the external NTP server for this example. We need to make sure that the router is able to resolve hostnames:

CoreRouter(config)#ip name-server 8.8.8.8

I will use Google DNS for this. Our next step is to configure the NTP server:

CoreRouter(config)#ntp server pool.ntp.org

That was easy enough, just one command and we will synchronize our clock with the public server. We can verify our work like this:

Above we see the show ntp associations command that tells us if our clock is synchronized or not. The ~ in front of the IP address tells us that we configured this server but we are not synchronized yet. You can see this because there is no * in front of the IP address and the “st” field (stratum) is currently 16.

There is one more command that gives us more information about the NTP configuration:

A few minutes later and the output has changed. The * in front of the IP address tells us that we have synchronized and the stratum is 2…that means that this NTP server is pretty close to a reliable time source. The “poll” field tells us that we will try to synchronize the time every 64 seconds. Let’s check the other command that we just saw:

Our clock has been synchronized and our own stratum is 3, that makes sense since the public stratum server has a stratum of 2 and we are one “hop” away from it.
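
As an added example (not part of the original lesson and not Cisco tooling), the following Python reads show ntp associations output the way the lesson describes it: ~ marks a configured server, * marks the server we are synchronized to, stratum 16 means unsynchronized, and our own stratum is the server's stratum plus one. The sample output is constructed with documentation-range addresses, and the function names are hypothetical.

```python
import re

# Constructed samples in the layout of Cisco IOS "show ntp associations";
# addresses are documentation-range placeholders, not captured output.
BEFORE_SYNC = """\
  address         ref clock       st   when   poll reach  delay  offset   disp
 ~192.0.2.10      .INIT.          16      -     64     0  0.000   0.000 15937.
 * sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured
"""
AFTER_SYNC = """\
  address         ref clock       st   when   poll reach  delay  offset   disp
*~192.0.2.10      198.51.100.7     2     27     64   377 10.857  10.189  1.224
 ~192.0.2.20      .INIT.          16      -     64     0  0.000   0.000 15937.
 * sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured
"""

ROW = re.compile(r"^\s*(?P<flags>[*#+\-x~]*)(?P<addr>\d+\.\d+\.\d+\.\d+)\s+"
                 r"(?P<ref>\S+)\s+(?P<st>\d+)\s+\S+\s+(?P<poll>\d+)\s+(?P<reach>\d+)")

def parse_associations(text):
    """Return one dict per association row; header and legend lines are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            rows.append({
                "address": m["addr"],
                "sys_peer": "*" in m["flags"],    # '*' = server we are synced to
                "configured": "~" in m["flags"],  # '~' = configured by the operator
                "stratum": int(m["st"]),
                "poll": int(m["poll"]),           # seconds between polls
                "reach": int(m["reach"], 8),      # reach register is shown in octal
            })
    return rows

def audit(text):
    """Return (synced, own_stratum, findings) for one device's output."""
    rows = parse_associations(text)
    findings = [f"{r['address']}: stratum 16, not synchronized"
                for r in rows if r["stratum"] >= 16]
    peer = next((r for r in rows if r["sys_peer"]), None)
    if peer is None:
        findings.append("no sys.peer (*): log timestamps from this device are unreliable")
        return False, None, findings
    # One hop further from the time source than the server we follow.
    return True, peer["stratum"] + 1, findings
```

Running audit() over output collected from every device gives a quick list of hosts whose log timestamps should not be trusted when correlating events.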

NTP synchronization can be very slow so you have to be patient when your clocks are not synchronized. One way to speed it up a bit is to adjust your clock manually so it is closer to the current time.

Cisco routers have two different clocks: a software clock and a hardware clock, which operate separately from each other. Here’s how to see both clocks:

CoreRouter#show clock
12:41:25.197 UTC Mon Jul 7 2014

CoreRouter#show calendar
12:43:24 UTC Mon Jul 7 2014

The show clock command shows me the software clock while the show calendar command gives me the hardware clock. The two clocks are not in sync, so this is something we should fix. You can do it like this:

CoreRouter(config)#ntp update-calendar

The ntp update-calendar command will update the hardware clock with the time of the software clock, here’s the result:

CoreRouter#show clock
12:42:31.853 UTC Mon Jul 7 2014

CoreRouter#show calendar
12:42:30 UTC Mon Jul 7 2014

That’s all I wanted to configure on the CoreRouter for now. We still have to configure two switches to synchronize their clocks.

Switch Configuration

The two switches will be configured to use the CoreRouter as the NTP server and I will also configure them to synchronize their clocks with each other. Let’s configure them to use the CoreRouter first:

SW1(config)#ntp server 192.168.123.3

Once again it might take a few minutes to synchronize but this is what you will see:

SW1 and SW2 are now using CoreRouter to synchronize their clocks. Let’s also configure them to use each other for synchronization. This is the symmetric active mode I mentioned before, basically the two switches will “help” each other to synchronize…this might be useful in case the CoreRouter fails some day:

SW1(config)#ntp peer 192.168.123.2

SW2(config)#ntp peer 192.168.123.1

After waiting a few minutes you’ll see that SW1 and SW2 have synchronized with each other:

Are we done? Not quite yet…there are a few more things we can do with NTP. The CoreRouter and the two switches use unicast (UDP port 123) for synchronization but you can also use multicast or broadcast. Let me give you an example…

Multicast and Broadcast

If you have more than 20 network devices or a router that has limited system memory or CPU resources, you might want to consider using NTP broadcast or multicast as it requires fewer resources. We can enable multicast or broadcast on the interface level. To demonstrate this I will add two routers below SW1 and SW2 that will synchronize themselves using multicast or broadcast. This is what it looks like:

I’ll configure SW1 to use multicast address 239.1.1.1 and SW2 will send NTP updates through broadcast:

Forum Replies

The first complete specification of NTP, that is, Version 1, appeared in 1988 (RFC 1059) which provided simple symmetric and client server mode operation.

Version 2 appeared in 1989 (RFC 1119) and added symmetric key authentication using DES-CBC.

Version 3, which is the version that is most used today, was first described in 1992 (RFC 1305) and has been systematically improved over the years. It introduced formal correctness principles, revised algorithms and broadcast mode. This is the default version that is available in most Cisco devices using

Let’s say I have a router that is configured to receive the ntp information from a ntp server located in the internet. I have also configured the time locally by using clock set command. Which time will have more preference? In other words, which time will the router use?

What is the command to change time-zone in a router?

Let’s say a router is configured to sync its time from a ntp server and the ntp server is feeding UTC time to the router. However, I like the router to show EST time in the clock or let’s say in syslog message

**Question 1**
When NTP is configured on a device, there is what is called a poll interval. This interval is dynamic and as client and server become better synced, and there aren’t any dropped packets, this interval increases to a maximum of 1024 seconds. If you change the time using the clock set command, the time you set will become the new time. However, when the poll interval is exhausted, the device will re-sync with the NTP server. So any changes you make manually will be over-ridden at the next poll interval.

NTP and PTP have some similarities. NTP is the most common protocol to sync clocks on your network, that’s what you will mostly see on networks nowadays. We use it to sync the clock on network devices but also computers/servers etc. NTP uses software timestamping and supports millisecond synchronization.

PTP is similar to NTP but uses hardware timestamping and offers nanosecond or picosecond-level synchronization.

For 99% of the devices, NTP is good enough but if you have devices where millisecond-level synchronization is not good enough, PTP is an
